субота, 05. октобар 2013.

Can a new round of NSA transparency bills make it through Congress?

In July, the US House of Representatives came within 12 votes of defunding NSA surveillance in a sweeping amendment vote that caught much of Washington by surprise. It was a broad stroke, designed more as a statement than sustainable legislation, but it sent a clear message: Congress is ready to take on the NSA. Or at least they're ready to talk about it.
"We're fundamentally in the business of trust."
More than two months later, a pair of more modest bills have entered the Senate and House, sponsored by Senator Al Franken (D-MN) and Representative Zoe Lofgren (D-CA) respectively. The bills are aimed at transparency rather than broad-stroke defunding, something companies like Apple, Google and Microsoft have lobbied and sued for, but this would be a chance to make those transparency principles the law of the land. To get it through, advocates will have to navigate a dysfunctional Congress and a president who has staunchly defended executive secrecy. So how much of a chance do these bills have?
The bills' biggest assets are their powerful friends. The tech industry is lobbying hard, with nearly every major American tech company signing an open letter in support of the bills, including Apple, Google, Facebook, Microsoft, Yahoo, Twitter, Tumblr, Dropbox, and AOL. (Amazon is the notable exception, although it has not been named in any NSA documents and does not publish a transparency report.) For many, being implicated in the PRISM program has forced their hand, requiring companies to lobby for stronger transparency measures to regain users' trust. Cloudflare CEO Matthew Prince, another signatory, describes his company as "fundamentally in the business of trust. Unfortunately, suspicion over secret law enforcement requests damages our ability to be transparent with our users and erodes that trust." A Google spokesperson declined to comment, stating they preferred to let the letter speak for itself.
"It should be completely uncontroversial...even if you don't believe that [surveillance] tools have been misused."
Just as important, the Senate bill also has powerful friends in the legislature. Judiciary committee chairman Patrick Leahy (D-VT) is listed as a co-sponsor of the bill, which means it will likely get a chance at a floor vote in the Senate. So far, all the co-sponsors are Democrats, raising concerns over whether it will gain bipartisan support, but Senate Republicans like Rand Paul (R-KY) have co-sponsored NSA reform bills in the past, and dozens of house Republicans signed on to the previous NSA-defunding push. In light of the government shutdown, the odds seem slim for any legislation in the short term, but the transparency bills have as good a chance as any.
One clause would require reporting the total number of users affected
Unlike other reform bills like Ron Wyden (D-VT)'s Intelligence Oversight and Surveillance Reform Act, which tried to build in governmental oversight, the Franken and Lofgren bills would target corporate gag orders, allowing companies to publish more detailed reports and give users a better sense of the scope of government data collection. Currently, companies are only allowed to report how many data requests they've received, in bands of a thousand — but since a single request could encompass millions of users, this practice has been critiqued as misleading or even deceptive. One clause in the Franken bill would require reporting the total number of users affected. Sherwin Siy of Public Knowledge, another signatory on the recent letter, says this provision is crucial for real transparency. "It should be completely uncontroversial that we should know the extent to which these powerful tools are being used," Siy tells The Verge, "even if you don't believe that the tools have been misused or abused."
If there's a downside to this new legislative push, it's that the bills are aimed at helping companies compete, rather than shoring up the civil rights of citizens on the web. But for advocates, the competitive case is simply more immediate. As an example, Prince pointed to F-Secure's Younited service, which launched today as a Finnish alternative to cloud storage companies like Dropbox. On Younited's About page, they promise the site will be "a place where privacy is guaranteed and your stuff remains yours," a clear reference to NSA surveillance. "I predict you're going to see a lot more of that," Prince says. "The US has been dominant in the internet space. This lack of trust puts that leadership at risk."